ГлавнаяУязвимости → CVE-2024-23131
7.8высокая

CVE-2024-23131

Описание

A maliciously crafted STP file, when parsed in ASMIMPORT229A.dll, ASMKERN228A.dll, ASMkern229A.dll or ASMDATAX228A.dll through Autodesk applications, can lead to a memory corruption vulnerability by write access violation. This vulnerability, in conjunction with other vulnerabilities, can lead to code execution in the context of the current process.

Затрагиваемое ПО
Autodesk Autocad electricalAutodesk Autocad mechanicalAutodesk Autocad mepAutodesk Autocad plant 3dAutodesk Civil 3dAutodesk Advance steelAutodesk Autocad map 3dAutodesk AutocadAutodesk Autocad architecture
CVSS
Балл7.8 — высокая
ВекторCVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H
Источники
https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0002https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0004https://www.autodesk.com/trust/security-advisories/adsk-sa-2024-0009